Consumers who purchased Avast’s antivirus software between 2014 and 2020 will soon see some financial relief, as the company has agreed to a substantial settlement of .5 million. This decision comes in response to allegations that Avast secretly collected and sold personal information to third-party clients, a practice that has raised significant privacy concerns.
FTC Takes Action
The Federal Trade Commission (FTC) is now poised to distribute compensation to those affected, following a settlement announcement made a year ago. In a recent statement, the FTC revealed that it will be sending email notifications to approximately 3,690,813 consumers who purchased Avast’s antivirus software during the specified timeframe. Eligible consumers can expect to receive these notifications between now and March 7, 2025.
To facilitate the claims process, the FTC has established a dedicated website aimed at assisting users in obtaining their compensation. However, it’s important to manage expectations; if all affected consumers file claims, each individual could receive a mere .47 from the settlement fund. The deadline for filing claims is set for June 5, with payments anticipated to be mailed out next year.
Uncovering Privacy Violations
The FTC’s scrutiny of Avast was prompted by investigative reports from PCMag and Motherboard, which revealed that the company’s antivirus products were potentially exposing users’ internet browsing histories to third-party companies. Despite Avast’s assurances of user security, it was discovered that the company had been sharing browsing data through its subsidiary, Jumpshot, without adequately stripping personal identifiers.
Internal documents indicated that this data could be traced back to individual users, particularly when cross-referenced with other data sources. The FTC’s investigation confirmed that Jumpshot had been selling users’ browsing data to over 100 clients, including various advertising firms, from 2014 until January 2020.
Consequences and Changes
In light of these findings, Avast took steps to terminate its browser data harvesting practices and shut down Jumpshot. However, the FTC’s actions did not stop there; the agency alleged that Avast had violated U.S. fair trade laws by failing to inform users about the potential sale of their browsing data. The resulting order mandated that Avast pay .5 million and prohibited the company from selling or licensing any web-browsing data for advertising purposes in the future.
Interestingly, while Avast also sold data from its free users, the settlement fund is exclusively available to those who paid for the antivirus software. In a significant shift, Avast has since merged with NortonLifeLock, forming a new security entity known as Gen. Under the terms of the FTC’s order, Avast is required to delete all data collected through its Jumpshot operations, marking a pivotal moment in the ongoing conversation about user privacy and data protection in the digital age.
